Cybersecurity News of the Week, April 15, 2018

Individuals at Risk

Identity Theft

Don’t Give Away Historic Details About Yourself: Social media sites are littered with seemingly innocuous little quizzes, games and surveys urging people to reminisce about specific topics, such as “What was your first job,” or “What was your first car?” The problem with participating in these informal surveys is that in doing so you may be inadvertently giving away the answers to “secret questions” that can be used to unlock access to a host of your online identities and accounts. KrebsOnSecurity, April 9, 2018

Facebook’s Zuckerberg Pledges Worldwide GDPR Compliance: At a U.S. House hearing Wednesday, Facebook CEO Mark Zuckerberg said the company would eventually comply worldwide with the European Union’s tough privacy law, the General Data Protection Regulation. BankInfoSecurity, April 11, 2018

Cyber Update

Adobe, Microsoft Push Critical Security Fixes: Adobe and Microsoft each released critical fixes for their products today, a.k.a “Patch Tuesday,” the second Tuesday of every month. Adobe updated its Flash Player program to resolve a half dozen critical security holes. Microsoft issued updates to correct at least 65 security vulnerabilities in Windows and associated software. KrebsOnSecurity, April 10, 2018

Cyber Defense

Bug hunters: The hackers earning big bucks… ethically: The term hacker is often used pejoratively, but the ability to spot weaknesses in companies’ software and cyber-security systems is in high demand. Ethical hackers are now earning big bucks and the industry is growing. BBC, April 13, 2018

Secure The Human

Social Engineering: A Trick as Old as Time: Social engineering is a growing epidemic that can be either an endgame in itself or a stepping stone toward bigger threats such as ransomware. This age-old tactic can be traced back to the Trojan Horse story featured in Virgil’s “Aeneid” and Homer’s “The Odyssey,” from which the malware variant gets its name. Security Intelligence, April 12, 2018

Cyber Talent

Jobs in cybersecurity are exploding. Why aren’t women in the picture?: LITTLE SILVER, N.J. — The four members of Team Throckmorton, playing junior agents for a cybersecurity firm, are up against a wily gang of hackers. To detect and ultimately thwart the cybercriminals, who are masquerading as legitimate business owners, the Throckmortons must solve a series of increasingly difficult challenges beginning with figuring out how to log into one of the gang member’s social media accounts by cracking a password reset form. NBC, April 13, 2018

Cyber Freedom

What We Know And Don’t Know About Election Hacking: When talk of Russian interference in U.S. elections comes up, much of the focus has been on state-sponsored trolls on Facebook and Twitter — special counsel Robert Mueller recently indicted a number of these actors, and Congress has taken Silicon Valley to task for allowing such accounts to flourish. But there’s another side of Russian meddling in American democracy: attacks on our election systems themselves. FiveThirtyEight, April 10, 2018

National Cybersecurity

Ex-NSA chief Alexander: U.S. flying blind to nation-state hackers: The U.S. government and the private sector lack a common operating scheme for detecting cyberthreats, leaving the country ill-equipped to defend against nation-state hackers, former National Security Agency Director Keith Alexander told lawmakers Wednesday. cyber scoop, April 11, 2018

Moscow likely behind hack on German govt, spy chief says: BERLIN (Reuters) – Germany’s head of domestic intelligence said on Wednesday there was a “high likelihood” that the Russian government was behind a cyber attack on German computer networks, although he conceded it was difficult to be 100-percent certain. Reuters, April 11, 2018

Categories

Get in touch

About Us

Citadel Information Group is a full service integrated information security management / governance firm. We work either consultatively or as part of a client’s senior management team, assisting our clients cost-effectively manage the confidentiality, privacy, integrity and availability of their information. Learn more.